package com.qingfeng.manager.controller;

import com.qingfeng.core.aop.exception.HttpException;
import com.qingfeng.core.data.ResultData;
import com.qingfeng.core.utils.CaptchaUtil;
import com.qingfeng.core.utils.DesUtil;
import com.qingfeng.manager.config.shiro.UrlFilter;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AccountException;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.imageio.ImageIO;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.awt.image.BufferedImage;
import java.io.ByteArrayOutputStream;

/**
 * @description:
 * @author:LWY
 * @date: 2017/10/17 15:15
 * @modified:
 */
@RestController
public class HomeController {


    @RequestMapping("/veriCode")
    public void getVeriCode(HttpServletRequest request, HttpServletResponse response) throws Exception {
        ByteArrayOutputStream jpegOutputStream = new ByteArrayOutputStream();
        String captchaId = request.getSession().getId();
        BufferedImage challenge = CaptchaUtil.getInstance().getImageChallengeForID(captchaId, request.getLocale());

        response.setHeader("Cache-Control", "no-store");
        response.setHeader("Pragma", "no-cache");
        response.setDateHeader("Expires", 0L);
        response.setContentType("image/jpeg");

        ImageIO.write(challenge, "jpeg", jpegOutputStream);
        byte[] captchaChallengeAsJpeg = jpegOutputStream.toByteArray();

        ServletOutputStream respOs = response.getOutputStream();
        respOs.write(captchaChallengeAsJpeg);
        respOs.flush();
        respOs.close();
    }

    @Autowired
    ShiroFilterFactoryBean shiroFilterFactoryBean;
    @Autowired
    UrlFilter urlFilter;

    @RequestMapping("/login")
    public ResultData login(HttpServletRequest request) throws Exception {
        String username = request.getParameter("username");
        String pwd = request.getParameter("pwd");
        /*if (!CaptchaUtil.isResultCorrect(request)) {
            throw new HttpException(HttpException.CUSTOM_ERROR, "验证码错误");
        }*/
        //数据库里面存的是用户名+密码MD5的组合加密串
        pwd = DesUtil.encryptBasedDes(pwd);
        UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(username, pwd);
        Subject currentUser = SecurityUtils.getSubject();

        try {
            currentUser.login(usernamePasswordToken);
        } catch (DisabledAccountException e) {
            throw new HttpException(e.getMessage());
        } catch (AccountException e) {
            throw new HttpException(e.getMessage());
        } catch (AuthenticationException e) {
            throw e;
        }
        //加载权限
        urlFilter.loadPermision(shiroFilterFactoryBean);
        ResultData resultData = new ResultData(ResultData.SUCCESS, "登录成功", null);
        return resultData;
    }
}
